Policy Events - List Query Results For Policy Definition

Referenz

Service:: Policy

API Version:: 2019-10-01

Fragt Richtlinienereignisse für die Richtliniendefinition auf Abonnementebene ab.

POST https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01

With optional parameters:

POST https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$skiptoken={$skiptoken}

URI-Parameter

Name	In	Erforderlich	Typ	Beschreibung
authorizationNamespace	path	True	AuthorizationNamespaceType	Der Namespace für den Microsoft-Autorisierungsressourcenanbieter; nur "Microsoft.Authorization" ist zulässig.
policyDefinitionName	path	True	string	Name der Richtliniendefinition.
policyEventsResource	path	True	PolicyEventsResourceType	Der Name der virtuellen Ressource unter dem Ressourcentyp PolicyEvents; nur "default" ist zulässig.
subscriptionId	path	True	string	Microsoft Azure-Abonnement-ID.
api-version	query	True	string	Client-API-Version.
$apply	query		string	OData apply-Ausdruck für Aggregationen.
$filter	query		string	OData-Filterausdruck.
$from	query		string date-time	Iso 8601 formatierter Zeitstempel, der die Startzeit des abzufragenden Intervalls angibt. Wenn nicht angegeben, verwendet der Dienst ($to - 1-Tag).
$orderby	query		string	Sortieren eines Ausdrucks mithilfe der OData-Notation. Ein oder mehrere durch Trennzeichen getrennte Spaltennamen mit einem optionalen "desc" (Standard) oder "asc", z. B. "$orderby=PolicyAssignmentId, ResourceId asc".
$select	query		string	Wählen Sie den Ausdruck mithilfe der OData-Notation aus. Beschränkt die Spalten für jeden Datensatz auf die angeforderten, z. B. "$select=PolicyAssignmentId, ResourceId".
$skiptoken	query		string	Skiptoken wird nur bereitgestellt, wenn eine vorherige Antwort ein Teilergebnis als Teil des nextLink-Elements zurückgegeben hat.
$to	query		string date-time	Iso 8601 formatierter Zeitstempel, der die Endzeit des abzufragenden Intervalls angibt. Wenn er nicht angegeben ist, verwendet der Dienst die Anforderungszeit.
$top	query		integer int32	Maximale Anzahl von zurückzugebenden Datensätzen.

Antworten

Name	Typ	Beschreibung
200 OK	PolicyEventsQueryResults	Abfrageergebnisse.
Other Status Codes	QueryFailure	Fehlerantwort mit Beschreibung des Grunds für den Fehler.

Sicherheit

azure_auth

Azure Active Directory-OAuth2-Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Beschreibung
user_impersonation	Identitätswechsel Ihres Benutzerkontos

Beispiele

Query at subscription level policy definition scope

Query at subscription level policy definition scope with next link

Query at subscription level policy definition scope

Sample Request

POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01

import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;

/** Samples for PolicyEvents ListQueryResultsForPolicyDefinition. */
public final class Main {
    /*
     * x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScope.json
     */
    /**
     * Sample code: Query at subscription level policy definition scope.
     *
     * @param manager Entry point to PolicyInsightsManager.
     */
    public static void queryAtSubscriptionLevelPolicyDefinitionScope(
        com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
        manager
            .policyEvents()
            .listQueryResultsForPolicyDefinition(
                PolicyEventsResourceType.DEFAULT,
                "fffedd8f-ffff-fffd-fffd-fffed2f84852",
                "24813039-7534-408a-9842-eb99f45721b1",
                null,
                null,
                null,
                null,
                null,
                null,
                null,
                null,
                Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-policyinsights
# USAGE
    python policy_events_query_subscription_level_policy_definition_scope.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = PolicyInsightsClient(
        credential=DefaultAzureCredential(),
        subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
    )

    response = client.policy_events.list_query_results_for_policy_definition(
        policy_events_resource="default",
        subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
        policy_definition_name="24813039-7534-408a-9842-eb99f45721b1",
    )
    for item in response:
        print(item)


# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScope.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armpolicyinsights_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForPolicyDefinitionPager_queryAtSubscriptionLevelPolicyDefinitionScope() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForPolicyDefinitionPager(armpolicyinsights.PolicyEventsResourceTypeDefault, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "24813039-7534-408a-9842-eb99f45721b1", &armpolicyinsights.QueryOptions{Top: nil,
		Filter:    nil,
		OrderBy:   nil,
		Select:    nil,
		From:      nil,
		To:        nil,
		Apply:     nil,
		SkipToken: nil,
		Expand:    nil,
	}, nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
		// 	ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
		// 	ODataCount: to.Ptr[int32](2),
		// 	Value: []*armpolicyinsights.PolicyEvent{
		// 		{
		// 			ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
		// 			ComplianceState: to.Ptr("NonCompliant"),
		// 			IsCompliant: to.Ptr(false),
		// 			ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531"),
		// 			PolicyAssignmentName: to.Ptr("f4cc58b7db524a9799381531"),
		// 			PolicyAssignmentOwner: to.Ptr("tbd"),
		// 			PolicyAssignmentParameters: to.Ptr("{\"TAGNAME_1\":{\"value\":\"NA\"}}"),
		// 			PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			PolicyDefinitionAction: to.Ptr("audit"),
		// 			PolicyDefinitionCategory: to.Ptr("tbd"),
		// 			PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
		// 			PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
		// 			PolicyDefinitionReferenceID: to.Ptr("14799174781370023846"),
		// 			PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697"),
		// 			PolicySetDefinitionName: to.Ptr("12b58873-e0f8-4b95-936c-86cbe7c9d697"),
		// 			PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
		// 			ResourceGroup: to.Ptr("myResourceGroup"),
		// 			ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start"),
		// 			ResourceLocation: to.Ptr("eastus"),
		// 			ResourceTags: to.Ptr("tbd"),
		// 			ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames/deploymentSlots/state"),
		// 			SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T19:58:11.590Z"); return t}()),
		// 		},
		// 		{
		// 			ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
		// 			ComplianceState: to.Ptr("NonCompliant"),
		// 			IsCompliant: to.Ptr(false),
		// 			ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531"),
		// 			PolicyAssignmentName: to.Ptr("f4cc58b7db524a9799381531"),
		// 			PolicyAssignmentOwner: to.Ptr("tbd"),
		// 			PolicyAssignmentParameters: to.Ptr("{\"TAGNAME_1\":{\"value\":\"NA\"}}"),
		// 			PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			PolicyDefinitionAction: to.Ptr("audit"),
		// 			PolicyDefinitionCategory: to.Ptr("tbd"),
		// 			PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
		// 			PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
		// 			PolicyDefinitionReferenceID: to.Ptr("1679708035638239273"),
		// 			PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697"),
		// 			PolicySetDefinitionName: to.Ptr("12b58873-e0f8-4b95-936c-86cbe7c9d697"),
		// 			PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
		// 			ResourceGroup: to.Ptr("myResourceGroup"),
		// 			ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start"),
		// 			ResourceLocation: to.Ptr("eastus"),
		// 			ResourceTags: to.Ptr("tbd"),
		// 			ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames/deploymentSlots/state"),
		// 			SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T19:58:11.590Z"); return t}()),
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Queries policy events for the subscription level policy definition.
 *
 * @summary Queries policy events for the subscription level policy definition.
 * x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScope.json
 */
async function queryAtSubscriptionLevelPolicyDefinitionScope() {
  const subscriptionId =
    process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const policyEventsResource = "default";
  const policyDefinitionName = "24813039-7534-408a-9842-eb99f45721b1";
  const credential = new DefaultAzureCredential();
  const client = new PolicyInsightsClient(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.policyEvents.listQueryResultsForPolicyDefinition(
    policyEventsResource,
    subscriptionId,
    policyDefinitionName
  )) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:: 200

{
  "@odata.nextLink": null,
  "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
  "@odata.count": 2,
  "value": [
    {
      "@odata.id": null,
      "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
      "timestamp": "2018-02-08T19:58:11.590596Z",
      "resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start",
      "policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531",
      "policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
      "effectiveParameters": null,
      "isCompliant": false,
      "subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "resourceType": "/Microsoft.ClassicCompute/domainNames/deploymentSlots/state",
      "resourceLocation": "eastus",
      "resourceGroup": "myResourceGroup",
      "resourceTags": "tbd",
      "policyAssignmentName": "f4cc58b7db524a9799381531",
      "policyAssignmentOwner": "tbd",
      "policyAssignmentParameters": "{\"TAGNAME_1\":{\"value\":\"NA\"}}",
      "policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
      "policyDefinitionAction": "audit",
      "policyDefinitionCategory": "tbd",
      "policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
      "policySetDefinitionName": "12b58873-e0f8-4b95-936c-86cbe7c9d697",
      "policySetDefinitionOwner": null,
      "policySetDefinitionCategory": null,
      "policySetDefinitionParameters": null,
      "managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
      "policyDefinitionReferenceId": "14799174781370023846",
      "tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
      "principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
      "complianceState": "NonCompliant"
    },
    {
      "@odata.id": null,
      "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
      "timestamp": "2018-02-08T19:58:11.590596Z",
      "resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start",
      "policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531",
      "policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
      "effectiveParameters": null,
      "isCompliant": false,
      "subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "resourceType": "/Microsoft.ClassicCompute/domainNames/deploymentSlots/state",
      "resourceLocation": "eastus",
      "resourceGroup": "myResourceGroup",
      "resourceTags": "tbd",
      "policyAssignmentName": "f4cc58b7db524a9799381531",
      "policyAssignmentOwner": "tbd",
      "policyAssignmentParameters": "{\"TAGNAME_1\":{\"value\":\"NA\"}}",
      "policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
      "policyDefinitionAction": "audit",
      "policyDefinitionCategory": "tbd",
      "policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
      "policySetDefinitionName": "12b58873-e0f8-4b95-936c-86cbe7c9d697",
      "policySetDefinitionOwner": null,
      "policySetDefinitionCategory": null,
      "policySetDefinitionParameters": null,
      "managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
      "policyDefinitionReferenceId": "1679708035638239273",
      "tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
      "principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
      "complianceState": "NonCompliant"
    }
  ]
}

Query at subscription level policy definition scope with next link

Sample Request

POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$skiptoken=WpmWfBSvPhkAK6QD

import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;

/** Samples for PolicyEvents ListQueryResultsForPolicyDefinition. */
public final class Main {
    /*
     * x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScopeNextLink.json
     */
    /**
     * Sample code: Query at subscription level policy definition scope with next link.
     *
     * @param manager Entry point to PolicyInsightsManager.
     */
    public static void queryAtSubscriptionLevelPolicyDefinitionScopeWithNextLink(
        com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
        manager
            .policyEvents()
            .listQueryResultsForPolicyDefinition(
                PolicyEventsResourceType.DEFAULT,
                "fffedd8f-ffff-fffd-fffd-fffed2f84852",
                "24813039-7534-408a-9842-eb99f45721b1",
                null,
                null,
                null,
                null,
                null,
                null,
                null,
                "WpmWfBSvPhkAK6QD",
                Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-policyinsights
# USAGE
    python policy_events_query_subscription_level_policy_definition_scope_next_link.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = PolicyInsightsClient(
        credential=DefaultAzureCredential(),
        subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
    )

    response = client.policy_events.list_query_results_for_policy_definition(
        policy_events_resource="default",
        subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
        policy_definition_name="24813039-7534-408a-9842-eb99f45721b1",
    )
    for item in response:
        print(item)


# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScopeNextLink.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armpolicyinsights_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScopeNextLink.json
func ExamplePolicyEventsClient_NewListQueryResultsForPolicyDefinitionPager_queryAtSubscriptionLevelPolicyDefinitionScopeWithNextLink() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForPolicyDefinitionPager(armpolicyinsights.PolicyEventsResourceTypeDefault, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "24813039-7534-408a-9842-eb99f45721b1", &armpolicyinsights.QueryOptions{Top: nil,
		Filter:    nil,
		OrderBy:   nil,
		Select:    nil,
		From:      nil,
		To:        nil,
		Apply:     nil,
		SkipToken: to.Ptr("WpmWfBSvPhkAK6QD"),
		Expand:    nil,
	}, nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
		// 	ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
		// 	ODataCount: to.Ptr[int32](2),
		// 	Value: []*armpolicyinsights.PolicyEvent{
		// 		{
		// 			ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
		// 			ComplianceState: to.Ptr("NonCompliant"),
		// 			IsCompliant: to.Ptr(false),
		// 			ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531"),
		// 			PolicyAssignmentName: to.Ptr("f4cc58b7db524a9799381531"),
		// 			PolicyAssignmentOwner: to.Ptr("tbd"),
		// 			PolicyAssignmentParameters: to.Ptr("{\"TAGNAME_1\":{\"value\":\"NA\"}}"),
		// 			PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			PolicyDefinitionAction: to.Ptr("audit"),
		// 			PolicyDefinitionCategory: to.Ptr("tbd"),
		// 			PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
		// 			PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
		// 			PolicyDefinitionReferenceID: to.Ptr("14799174781370023846"),
		// 			PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697"),
		// 			PolicySetDefinitionName: to.Ptr("12b58873-e0f8-4b95-936c-86cbe7c9d697"),
		// 			PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
		// 			ResourceGroup: to.Ptr("myResourceGroup"),
		// 			ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start"),
		// 			ResourceLocation: to.Ptr("eastus"),
		// 			ResourceTags: to.Ptr("tbd"),
		// 			ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames/deploymentSlots/state"),
		// 			SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T19:58:11.590Z"); return t}()),
		// 		},
		// 		{
		// 			ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
		// 			ComplianceState: to.Ptr("NonCompliant"),
		// 			IsCompliant: to.Ptr(false),
		// 			ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531"),
		// 			PolicyAssignmentName: to.Ptr("f4cc58b7db524a9799381531"),
		// 			PolicyAssignmentOwner: to.Ptr("tbd"),
		// 			PolicyAssignmentParameters: to.Ptr("{\"TAGNAME_1\":{\"value\":\"NA\"}}"),
		// 			PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			PolicyDefinitionAction: to.Ptr("audit"),
		// 			PolicyDefinitionCategory: to.Ptr("tbd"),
		// 			PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
		// 			PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
		// 			PolicyDefinitionReferenceID: to.Ptr("1679708035638239273"),
		// 			PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697"),
		// 			PolicySetDefinitionName: to.Ptr("12b58873-e0f8-4b95-936c-86cbe7c9d697"),
		// 			PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
		// 			ResourceGroup: to.Ptr("myResourceGroup"),
		// 			ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start"),
		// 			ResourceLocation: to.Ptr("eastus"),
		// 			ResourceTags: to.Ptr("tbd"),
		// 			ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames/deploymentSlots/state"),
		// 			SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T19:58:11.590Z"); return t}()),
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Queries policy events for the subscription level policy definition.
 *
 * @summary Queries policy events for the subscription level policy definition.
 * x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScopeNextLink.json
 */
async function queryAtSubscriptionLevelPolicyDefinitionScopeWithNextLink() {
  const subscriptionId =
    process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const policyEventsResource = "default";
  const policyDefinitionName = "24813039-7534-408a-9842-eb99f45721b1";
  const skipToken = "WpmWfBSvPhkAK6QD";
  const options = {
    queryOptions: { skipToken: skipToken },
  };
  const credential = new DefaultAzureCredential();
  const client = new PolicyInsightsClient(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.policyEvents.listQueryResultsForPolicyDefinition(
    policyEventsResource,
    subscriptionId,
    policyDefinitionName,
    options
  )) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:: 200

{
  "@odata.nextLink": null,
  "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
  "@odata.count": 2,
  "value": [
    {
      "@odata.id": null,
      "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
      "timestamp": "2018-02-08T19:58:11.590596Z",
      "resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start",
      "policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531",
      "policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
      "effectiveParameters": null,
      "isCompliant": false,
      "subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "resourceType": "/Microsoft.ClassicCompute/domainNames/deploymentSlots/state",
      "resourceLocation": "eastus",
      "resourceGroup": "myResourceGroup",
      "resourceTags": "tbd",
      "policyAssignmentName": "f4cc58b7db524a9799381531",
      "policyAssignmentOwner": "tbd",
      "policyAssignmentParameters": "{\"TAGNAME_1\":{\"value\":\"NA\"}}",
      "policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
      "policyDefinitionAction": "audit",
      "policyDefinitionCategory": "tbd",
      "policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
      "policySetDefinitionName": "12b58873-e0f8-4b95-936c-86cbe7c9d697",
      "policySetDefinitionOwner": null,
      "policySetDefinitionCategory": null,
      "policySetDefinitionParameters": null,
      "managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
      "policyDefinitionReferenceId": "14799174781370023846",
      "tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
      "principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
      "complianceState": "NonCompliant"
    },
    {
      "@odata.id": null,
      "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
      "timestamp": "2018-02-08T19:58:11.590596Z",
      "resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start",
      "policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531",
      "policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
      "effectiveParameters": null,
      "isCompliant": false,
      "subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "resourceType": "/Microsoft.ClassicCompute/domainNames/deploymentSlots/state",
      "resourceLocation": "eastus",
      "resourceGroup": "myResourceGroup",
      "resourceTags": "tbd",
      "policyAssignmentName": "f4cc58b7db524a9799381531",
      "policyAssignmentOwner": "tbd",
      "policyAssignmentParameters": "{\"TAGNAME_1\":{\"value\":\"NA\"}}",
      "policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
      "policyDefinitionAction": "audit",
      "policyDefinitionCategory": "tbd",
      "policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
      "policySetDefinitionName": "12b58873-e0f8-4b95-936c-86cbe7c9d697",
      "policySetDefinitionOwner": null,
      "policySetDefinitionCategory": null,
      "policySetDefinitionParameters": null,
      "managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
      "policyDefinitionReferenceId": "1679708035638239273",
      "tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
      "principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
      "complianceState": "NonCompliant"
    }
  ]
}

Definitionen

Name	Beschreibung
AuthorizationNamespaceType	Der Namespace für den Microsoft-Autorisierungsressourcenanbieter; nur "Microsoft.Authorization" ist zulässig.
ComponentEventDetails	Komponentenereignisdetails.
Error	Fehlerdefinition.
PolicyEvent	Richtlinienereignisdatensatz.
PolicyEventsQueryResults	Abfrageergebnisse.
PolicyEventsResourceType	Der Name der virtuellen Ressource unter dem Ressourcentyp PolicyEvents; nur "default" ist zulässig.
QueryFailure	Fehlerantwort.

AuthorizationNamespaceType

Der Namespace für den Microsoft-Autorisierungsressourcenanbieter; nur "Microsoft.Authorization" ist zulässig.

Name	Typ	Beschreibung
Microsoft.Authorization	string

ComponentEventDetails

Komponentenereignisdetails.

Name	Typ	Beschreibung
id	string	Komponenten-ID.
name	string	Komponentenname
policyDefinitionAction	string	Richtliniendefinitionsaktion, d. h. Wirkung.
principalOid	string	Prinzipalobjekt-ID für den Benutzer, der den Ressourcenkomponentenvorgang initiiert hat, der das Richtlinienereignis ausgelöst hat.
tenantId	string	Mandanten-ID für den Richtlinienereignisdatensatz.
timestamp	string	Zeitstempel für Komponentenrichtlinienereignisdatensatz.
type	string	Komponententyp.

Error

Fehlerdefinition.

Name	Typ	Beschreibung
code	string	Dienstspezifischer Fehlercode, der als Unterstatus für den HTTP-Fehlercode dient.
message	string	Beschreibung des Fehlers

PolicyEvent

Richtlinienereignisdatensatz.

Name	Typ	Beschreibung
@odata.context	string	OData-Kontextzeichenfolge; wird von OData-Clients verwendet, um Typinformationen basierend auf Metadaten aufzulösen.
@odata.id	string	OData-Entitäts-ID; immer auf NULL festgelegt, da Richtlinienereignisdatensätze keine Entitäts-ID aufweisen.
complianceState	string	Kompatibilitätsstatus der Ressource.
components	ComponentEventDetails[]	Komponentenereignisse werden nur dann aufgefüllt, wenn die URL $expand=components-Klausel enthält.
effectiveParameters	string	Effektive Parameter für die Richtlinienzuweisung.
isCompliant	boolean	Flag, das angibt, ob die Ressource mit der Richtlinienzuweisung kompatibel ist, für die sie ausgewertet wurde.
managementGroupIds	string	Durch Trennzeichen getrennte Liste der Verwaltungsgruppen-IDs, die die Hierarchie der Verwaltungsgruppen darstellen, unter denen sich die Ressource befindet.
policyAssignmentId	string	Richtlinienzuweisungs-ID.
policyAssignmentName	string	Name der Richtlinienzuweisung.
policyAssignmentOwner	string	Richtlinienzuweisungsbesitzer.
policyAssignmentParameters	string	Richtlinienzuweisungsparameter.
policyAssignmentScope	string	Richtlinienzuweisungsbereich.
policyDefinitionAction	string	Richtliniendefinitionsaktion, d. h. Wirkung.
policyDefinitionCategory	string	Richtliniendefinitionskategorie.
policyDefinitionId	string	Richtliniendefinitions-ID.
policyDefinitionName	string	Name der Richtliniendefinition.
policyDefinitionReferenceId	string	Referenz-ID für die Richtliniendefinition innerhalb des Richtliniensatzes, wenn die Richtlinienzuweisung für einen Richtliniensatz gilt.
policySetDefinitionCategory	string	Richtliniensatzdefinitionskategorie, wenn die Richtlinienzuweisung für einen Richtliniensatz gilt.
policySetDefinitionId	string	Richtliniensatzdefinitions-ID, wenn die Richtlinienzuweisung für einen Richtliniensatz gilt.
policySetDefinitionName	string	Name der Richtliniensatzdefinition, wenn die Richtlinienzuweisung für einen Richtliniensatz gilt.
policySetDefinitionOwner	string	Richtliniensatzdefinitionsbesitzer, wenn die Richtlinienzuweisung für einen Richtliniensatz gilt.
policySetDefinitionParameters	string	Richtliniensatzdefinitionsparameter, wenn die Richtlinienzuweisung für einen Richtliniensatz gilt.
principalOid	string	Prinzipalobjekt-ID für den Benutzer, der den Ressourcenvorgang initiiert hat, der das Richtlinienereignis ausgelöst hat.
resourceGroup	string	Ressourcengruppenname
resourceId	string	Ressourcen-ID
resourceLocation	string	Ressourcenspeicherort
resourceTags	string	Liste der Ressourcentags.
resourceType	string	Der Ressourcentyp.
subscriptionId	string	Abonnement-ID
tenantId	string	Mandanten-ID für den Richtlinienereignisdatensatz.
timestamp	string	Zeitstempel für den Richtlinienereignisdatensatz.

PolicyEventsQueryResults

Abfrageergebnisse.

Name	Typ	Beschreibung
@odata.context	string	OData-Kontextzeichenfolge; wird von OData-Clients verwendet, um Typinformationen basierend auf Metadaten aufzulösen.
@odata.count	integer	Anzahl der OData-Entitäten; stellt die Anzahl der zurückgegebenen Richtlinienereignisdatensätze dar.
@odata.nextLink	string	Odata nächster Link; URL, um den nächsten Satz von Ergebnissen zu erhalten.
value	PolicyEvent[]	Abfrageergebnisse.

PolicyEventsResourceType

Der Name der virtuellen Ressource unter dem Ressourcentyp PolicyEvents; nur "default" ist zulässig.

Name	Typ	Beschreibung
default	string

QueryFailure

Fehlerantwort.

Name	Typ	Beschreibung
error	Error	Fehlerdefinition.

Share via

Policy Events - List Query Results For Policy Definition

URI-Parameter

Antworten

Sicherheit

azure_auth

Scopes

Beispiele

Query at subscription level policy definition scope

Sample Request

Sample Response

Query at subscription level policy definition scope with next link

Sample Request

Sample Response

Definitionen

AuthorizationNamespaceType

ComponentEventDetails

Error

PolicyEvent

PolicyEventsQueryResults

PolicyEventsResourceType

QueryFailure

Zusätzliche Ressourcen